Infinity Consulting Solutions
Job Description – IT Compliance Manager – 100% Remote

Currently searching for an IT Compliance Manager. The individual will help deliver an enterprise IT Compliance Program for SOX and PCI as well as develop an Information Protection Program to reduce risk across the organization. The position utilizes strong policy and process knowledge as well as knowledge of a variety of technologies to identify risk and compliance issues and to drive mitigation, remediation and compliance activities within the business and IT organization. It involves interaction with numerous departments and business functions. Additional Information Security responsibilities will be required as needed. The individual must possess the desire to drive projects and remediation efforts to their conclusion in an environment undergoing transformation.

RESPONSIBILITIES

- Develop a Compliance Program and Framework to manage SOX and PCI compliance.
- Manage and mature the Compliance Program going forward.
- Build Compliance calendars/schedules for SOX and PCI.
- Facilitate both internal and external audit efforts related to IT as well as drive remediation activities with the business and IT.
- Facilitate assessment of and compliance with regulatory and legal requirements including GLBA.
- Maintain and update information security policies and standards.
- Review third party contracts for security and data protection purposes.
- Identify appropriate compliance requirements and controls based on current and future risks, policies and architecture.
- Provide compliance requirements, consultation and advisement to the business and project leads around data protection issues, risk management and security compliance.
- Develop and enhance governance, information risk and information security programs related to system and data protection efforts across the company.
- Develop, drive and govern the vulnerability remediation program including standards for required remediation timeframes.
- Develop, enhance and manage the security awareness program including employee Phishing simulation exercises.
- Develop innovative ways to provide awareness of key security concerns to the enterprise.
- Develop Risk and Compliance reporting metrics to ensure progress on these programs is managed, tracked and understood by leadership.
- Lead compliance projects and implementations including enterprise Information Protection Projects to reduce risk around sensitive data.
- Perform other duties and responsibilities as assigned.

Minimum Qualifications

- 5-7 years Information Security, IT General Controls, Compliance, IT audit and/or Security Risk Management.
- 3 years leadership experience, including consensus building, and ability to effectively work with cross-functional teams and resources to address competing priorities.
- Demonstrated experience with regulatory and legal requirements (e.g., PCI, SOX, GLBA etc. requirements).
- Knowledge of security risk frameworks, standards and best practices (e.g., PCI, ISO, ITGC, COBIT, COSO, CMM).
- Strong communication, documentation, presentation and facilitation skills.
- Strong project management skills, analytical skills and attention to detail.
- Ability to translate a business agenda into technology terms.
- Excellent verbal and written communication skills.
- Strong knowledge in Process Improvement.

Preferred

- BSBA degree
- Compliance or audit background.
- Certifications such as CISA, ISA, CISP, GIAC-GSNA, CISSP